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This listing of claims will replace all prior versions, and 
listings, of claims in the application: 



1 Claim 1 (original) : A communications method for use in a 

2 system comprising a first, second and third nodes, and a 

3 first secret, said first secret being shared between the 

4 first and secpnd nodes to secure communications between said 

5 first and second nodes, the method comprising: 

6 operating the first node to establish a secure 

7 communications session with said second node using the first 

8 shared secret to secure the contents of packets communicated 

9 from the first node that are directed to the second node as 

10 part of the secure communications session; 

11 operating a third node which is coupled to said first 

12 and second nodes to maintain in memory a copy of said first 

13 shared secret; and 

14 operating the third node to receive a secure flow of 

15 packets from the first node that are directed to said second 

16 node as part of the secure communications session. 

1 Claim 2 (original) : The method of claim 1, further 

2 comprising: 

3 operating the third node to receive from said second 



4 node the first shared secret and to store the first shared 

5 secret in memory, said received first shared secret being 

6 encrypted using a second shared secret known to the second 

7 and third nodes . 

1 Claim 3 (original) : The method of claim 2, further 

2 comprising: 

3 operating said third node to receive and process 

4 packets sent from said first node as part of said 

5 established communications session, said third node sending 

6 a message to the first node indicating successful receipt of 

7 packets by said second node. 
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1 Claim 4 (original) : The method of claim 3, wherein said 

2 third node uses said first shared secret to secure the 

3 message to the first node. 

1 Claim 5 (currently amended) : The method of claim 4 &, 

2 wherein said third node operates as an application proxy for 

3 said second node during said secure communications session 

4 without informing said first node that the third node is 

5 acting as a proxy in the place of said second node. 

1 Claim 6 (original) : The method of claim 5, further 

2 comprising: 

3 operating the third node to transmit information 

4 obtained from said communications session while said third 

5 node was . acting as a proxy for said second node to said 

6 second node; and 

7 operating the second node to continue the secure 

8 communications session with the first node. 

1 Claim 7 (original) : The method of claim 1, further 

2 comprising: 

3 operating the third node to inspect the secure packet 

4 flow from the first node, said step of inspecting said 

5 secure packet flow including performing at least one of a 

6 group of security steps which use the first shared secret, 

7 said group of security steps comprising: decrypting a 

8 packet, integrity checking contents of a packet., and 

9 authenticating a sender of a packet. 

1 Claim 8 (original): The method of claim 7, further 

2 comprising: 

3 operating the third node to drop the packet from the 

4 packet flow if the performed at least one of the group of 

5 security checks fails. 
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1 Claim 9 (original) : The method of claim 7, further 

2 comprising: 

3 operating the third node to additionally process the 

4 packets from the packet flow if no performed security check 

5 in said group of security checks fails. 

1 Claim 10 (original): The method of claim 9, further 

2 comprising: 

3 operating the third node to identify a packed with a 

4 disallowed packet payload by comparing at least a portion of 

5 the payload of each packet iri the packet flow to information 

6 indicating allowed packet payloads, payloads of a type which 

7 are not indicated by said information being disallowed 

8 packet payloads . 

1 Claim 11 (original) : The method of claim 10, further 

2 comprising : 

3 operating the third node to drop an identified packet 

4 with a disallowed packet payload. 

1 Claim 12 (original) : The method of claim 10, further 

2 comprising: 

3 operating the third node to modify the packet payload 

4 of packets identified to include a disallowed packet payload 

5 based on stored information indicating payload modifications 

6 to be. made to disallowed packet payloads. 

1 Claim 13 (original) : The method of claim 12, wherein the 

2 modified payload generated by modifying a packet payload 

3 includes a message- indicating that an erroneous payload was 

4 detected at the third node. 

1 Claim 14 (original) : The method of claim 10, further 

2 comprising: 

4 
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3 operating the third node to process at least two 

4 packets in the packet flow to produce at least a third 

5 packet. 

1 Claim 15 (original) : The method of claim 9, further 

2 comprising; 

3 operating the third node to generate an additional 

4 packet flow from the received packet flow directed to the 

5 second node and to forward the additional packet flow to the 

6 second node, packets in said additional packet flow having a 

7 source address corresponding to the first node and a 

8 destination address corresponding to the second node, said 

9 step of generating an additional packet flow including at 

10 least one of a group of security steps which use the first 

11 shared secret, the group of security steps consisting of: 

12 encrypting a packet, adding an integrity check for the 

13 contents of the packet, and adding an authenticator check 

14 for the packet sender. 

1 Claim 16. (original) : The method of claim 1, wherein the 

2 second and third nodes each include a second secret used to 

3 secure communications between the third node and the second 

4 node, the method further comprising: 

5 operating the third node to generate an additional 

6 packet flow from the received packet flow directed to the 

7 second node and to forward the additional packet flow to the 

8 second node, packets in said additional packet flow having a 

9 source address corresponding to the third node and a 

10 destination address corresponding to the second node, said 

11 step of generating an additional packet flow including at 

12 least one of a group of security steps which use the second 

13 shared secret, the group of security steps consisting of: 

14 encrypting a packet, adding an integrity check for the 

15 contents of the packet, and adding an authenticator check 

16 for the packet sender. 
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1 Claim 17 (original) : The method of claim 16, further 

2 comprising: 

3 operating the second node to communicate the first 

4 shared secret to the third node, the first shared secret 

5 being encrypted using the second shared secret. 

1 Claim 18 (original): The method of claim 17, further 

2 comprising: 

3 mutually authenticating the second and third nodes 

4 prior to the second node transmitting the first shared 

5 secret to the third node. 

1 Claim 19 (original) : A communications system, comprising: 

2 a first node including a first shared secret and a 

3 communications application for establishing a secure 

4 communications session using said first shared secret to 

5 secure packets communicated as part of said secure 

6 communications session; 

7 a mobile node including said first shared secret, a 

8 second shared secret, and at least one communications 

9 application for maintaining a secure communications session 

10 with said first node using said. first shared secret; 

11 an intermediate node, coupled to said first node and 

12 said mobile node, said intermediate node including said 

13 first shared secret and said second shared secret, said 

14 intermediate node including: 

15 means for processing packets directed by said 

16 first node towards said mobile node as part of a secure 

17 communications session using said first shared secret; 

18 and 

19 means for sending a message to said first node 

20 secured by said first shared secret indicating 

21 successful receipt of said packets by said mobile node. 



6 
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1 Claim 20 (original) : The communication system of claim 19, 

2 wherein said intermediate node further includes : 

3 means for communicating information generated by 

4 processing packets directed to said mobile node to said 

5 mobile node in packets secured using said second shared 

6 secret, said information being the result of application 

7 processing performed on the payload of at least two data 

8 packets to generate information not present in either of the 

9 two data packets. 



1 Claim 21 (original) : The communication system of claim 20, 

2 wherein the mobile node includes means for sending said 

3 first shared secret to said intermediate node in an 

4 encrypted format resulting encryption processing using said 

5 second shared secret. 

1 Claim 22 (new) : A communications system for use with a 

2 second node, said communications system comprising: 

3 a first node including: 

4 memory means for storing a first secret, 

5 said first secret being shared between the first 

6 node and the second node to secure communications 

7 between said first and second nodes; and 

8 means for establishing a secure 

9 communications session with said second node using 

10 the first shared secret to secure the contents of 

11 packets communicated from the first node that are 

12 directed to the second node as part of a secure 

13 communications session; 

14 a third node, coupled to said first and second nodes, 

15 the third node including: 

16 memory means for storing a copy of said 

17 first shared secret; and 

i 

18 means for receiving a secure flow of 

19 packets from the first node that are directed to 



7 
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20 said second node as part of the secure 

21 communications session. 

1 Claim 23 (new): The communication system of claim 22, 

2 wherein said third node further includes: 

3 means for receiving from said second node the first 

4 shared secret; and 

5 means for storing the first shared secret in memory, 

6 said received first shared secret being encrypted using a 

7 second shared secret known to the second and third nodes. 



1 Claim 24 (new) The communications system of claim 22, 

2 wherein said first node is a mobile node. 



1 Claim 2 5 (new) : A method of operating a third node in a 

2 system comprising a first node, a second node and said third 

3 node, a first secret being shared between the first and 

4 second nodes to secure communications between said first and 

5 second nodes, the method comprising: 

6 receiving from said second node the first shared 

7 secret; 

8 storing said first shared secret in memory; and 

9 receiving a secure flow of packets from the first node 

10 that are directed to said second node as part of the secure 

11 communications session. 



1 Claim 26 (new) : The method of claim 25, wherein said 

2 received first shared secret is received in an encrypted 

3 form, said first shared secret having been encrypted using a 

4 second shared secret known to the second and third nodes . 

1 Claim 27 (new) : The method of claim 25, further comprising: 

2 processing packets received from said first node which 

3 are part of said established communications session; and 
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4 sending a message to the first node indicating 

5 successful receipt of packets by said second node. 

1 Claim 28 (new): The method of claim 27, wherein said third 

2 node uses said first shared secret to secure the message to 

3 the first node. 



1 Claim 29 (new) : The method of claim 28, wherein said third 

2 node operates as an application proxy for said second node 

3 during a portion of said secure communications session 

4 without informing said first node that the third node is 

5 acting as a proxy in the place of said second node. 

1 Claim 3 0 (new) : The method of claim 29, further comprising: 

2 transmitting information obtained from said 

3 communications session while said third node was acting as a 

4 proxy for said second node to said second node . 

1 Claim 31 (new) : The method of claim 25, further comprising: 

2 using said first shared secret to decrypt a packet 

3 included in said secure flow of packets. 

1 Claim 32 (new) : The method of claim 31, further comprising: 

2 processing said decrypted packet; and 

3 communicating the result of processing said decrypted 

4 packet to said second node in an encrypted packet. 

1 Claim 3 3 (new) : The method of claim 25, further comprising: 

2 processing at least two packets in the secure flow of 

3 packets to produce at least a third packet; and 

4 communicating the third packet to the second node. 

1 Claim 34 (new) : A third node in a system comprising a first 

2 node, a second node and said third node, a first secret 

3 being shared between the first and second nodes to secure 
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4 communications between said first and second nodes, the 

5 method comprising: 

6 a receiver for receiving from said second node the 

7 first shared secret; 

8 memory in which said first shared secret is stored; and 

9 an agent module for receiving a secure flow of packets 

10 from the first node that are directed to said second node as 

11 part of the secure communications session. 



1 Claim 35 (new): The third. node of claim 34, wherein said 

2 received first shared secret is received in an encrypted 

3 form, said first shared secret having been encrypted using a 

4 second shared secret known to the second and third nodes . 



1 Claim 36 (new): The third node of claim 34, wherein said 

2 agent module includes : 

3 a proxy module for processing packets received from 

4 said first node which are part of said established 

5 communications session and sending a message to the first 

6 node indicating successful receipt of packets by said second 

7 node - 



1 Claim 37 (new) : A third node in a system comprising a first 

2 node, a second node and said third node, a first secret 

3 being shared between the first and second nodes to secure 

4 communications between said first and second nodes, the 

5 method comprising: 

6 receiver means for receiving from said second node the 

7 first shared secret; 

8 memory means for storing said first shared secret; and 

9 agent means for receiving a secure flow of packets from 

10 the first node that are directed to said second node as part 

11 of the secure communications session. 



10 
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1 Claim 38 (new) : The third node of claim 37, wherein said 

2 received first shared secret is received in an encrypted 

3 form, said first shared secret having been encrypted using a 

4 second shared secret known to the second and third nodes. 

1 Claim 39 (new): The third node of claim 37, wherein said 

2 agent means includes 

3 proxy means for processing packets received from 

4 said first node which are part of said established 

5 communications session and sending a message to the first 

6 node indicating successful receipt of packets by said second 

7 node • 

1 Claim 40 (new) : A machine readable medium including 

2 computer executable instructions for controlling a third 

3 node in a system comprising a first node, a second node and 

4 said third node, a first secret being shared between the 

5 first and second nodes to secure communications between said 

6 first and second nodes, to perform a communications method 

7 including the steps of: 

8 receiving from said second node the first shared 

9 secret; 

10 storing said first shared secret in memory; and 

11 receiving a secure flow of packets from the first node that 

12 are directed to said second node as part of the secure 

13 communications session. 



11 
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Claim 41 (new) : The third node of claim 40, wherein said 
received first shared secret is received in an encrypted 
form, said first shared secret having been encrypted 
using a second shared secret known to the second and 
third nodes. 
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